From: Jonathan Nieder <jrnieder@gmail.com>
To: rsbecker@nexbridge.com
Cc: 'Junio C Hamano' <gitster@pobox.com>,
'Taylor Blau' <me@ttaylorr.com>,
git@vger.kernel.org
Subject: Re: [BUG] fatal: transport 'file' not allowed during submodule add
Date: Wed, 28 Dec 2022 14:10:42 -0800 [thread overview]
Message-ID: <Y6y+zkUsPhknTYH/@google.com> (raw)
In-Reply-To: <011201d91aca$a5db7800$f1926800$@nexbridge.com>
Hi Randall,
rsbecker@nexbridge.com wrote:
> Junio C Hamano wrote:
>> This suspiciously sounds like what a1d4f67c (transport: make `protocol.file.allow`
>> be "user" by default, 2022-07-29) is doing deliberately.
>
> I have tried using 'git config --local protocol.file.allow always' and/or
> 'git config --local protocol.allow always' to get past this, without
> success.
Does `git config --global protocol.file.allow always` do the trick?
>> Taylor, does this look like a
>> corner case the 2.30.6 updates forgot to consider?
I think it's the intended effect (preventing file:// submodules), but
I wonder if this hints that we'd want that protection to be more
targeted. A file:// submodule (as opposed to a bare path without URL
scheme) wouldn't trigger the "git clone --local" behavior that that
commit mentions wanting to protect against, so at first glance it
would appear to be no more or less dangerous than cloning from a
remote repository.
One thing I'd be curious about is whether --local happening
automatically is actually worth it nowadays. "git worktree" does a
better job of sharing with an existing local repository, since the
sharing continues even after the worktree has been created, after any
"git gc" operations, and so on. Meanwhile, the distinction between
file:// and bare paths is subtle enough that I regularly encounter
people not being aware of it (for example when wanting a way to test
protocol code locally and not understanding why a bare-path clone
doesn't do that). Would it be more in the spirit of secure defaults
to require --local when someone wants to request the hardlinking trick
of local clone?
Thanks,
Jonathan
next prev parent reply other threads:[~2022-12-28 22:12 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-27 23:00 [BUG] fatal: transport 'file' not allowed during submodule add rsbecker
2022-12-28 3:34 ` Junio C Hamano
2022-12-28 14:42 ` rsbecker
2022-12-28 22:10 ` Jonathan Nieder [this message]
2022-12-28 22:25 ` rsbecker
2022-12-30 21:08 ` Taylor Blau
2022-12-30 21:48 ` rsbecker
2023-01-03 8:57 ` Jeff King
2022-12-30 21:04 ` Taylor Blau
2022-12-30 21:43 ` rsbecker
2022-12-30 23:16 ` rsbecker
2022-12-30 20:15 ` rsbecker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y6y+zkUsPhknTYH/@google.com \
--to=jrnieder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=me@ttaylorr.com \
--cc=rsbecker@nexbridge.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).